rpms
/
zstd
21
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: rpms:i10cs
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9
...
pull from: rpms:c9
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i10cs
rpms:cs10
rpms:i8c
rpms:c8
rpms:i9c
rpms:c9

No commits in common. 'i10cs' and 'c9' have entirely different histories.
i10cs ... c9

6 changed files with 107 additions and 164 deletions
Show Stats

2
.gitignore vendored
Unescape View File

@ -1 +1 @@
SOURCES/zstd-1.5.5.tar.gz SOURCES/zstd-1.5.1.tar.gz

2
.zstd.metadata
Unescape View File

@ -1 +1 @@
4479ecc74300d23391d99fbebf2fddd47aed9b28 SOURCES/zstd-1.5.5.tar.gz e6a51ef3f7d5be5b74ac74d88bf3850057e00adb SOURCES/zstd-1.5.1.tar.gz

67
SOURCES/bti.patch
Unescape View File

@ -1,67 +0,0 @@
From a88781954a875c4f00883eba6a8c5d172c4f5c17 Mon Sep 17 00:00:00 2001
From: Nick Terrell <terrelln@fb.com>
Date: Wed, 13 Mar 2024 09:58:34 -0700
Subject: [PATCH] [asm][aarch64] Mark that BTI and PAC are supported
Mark that `huf_decompress_amd64.S` supports BTI and PAC, which it trivially does because it is empty for aarch64.
The issue only requested BTI markings, but it also makes sense to mark PAC, which is the only other feature.
Also run add a test for this mode to the ARM64 QEMU test. Before this PR it warns on `huf_decompress_amd64.S`, after it doesn't.
Fixes Issue #3841.
---
.github/workflows/dev-short-tests.yml | 1 +
lib/decompress/huf_decompress_amd64.S | 23 ++++++++++++++++++++++-
2 files changed, 23 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/dev-short-tests.yml b/.github/workflows/dev-short-tests.yml
index b2aaff89cf7..5324b38d9ac 100644
--- a/.github/workflows/dev-short-tests.yml
+++ b/.github/workflows/dev-short-tests.yml
@@ -409,6 +409,7 @@ jobs:
- name: ARM64
if: ${{ matrix.name == 'ARM64' }}
run: |
+ LDFLAGS="-static -z force-bti" MOREFLAGS="-mbranch-protection=standard" CC=$XCC QEMU_SYS=$XEMU make clean check
LDFLAGS="-static" CC=$XCC QEMU_SYS=$XEMU make clean check
- name: PPC
if: ${{ matrix.name == 'PPC' }}
diff --git a/lib/decompress/huf_decompress_amd64.S b/lib/decompress/huf_decompress_amd64.S
index 3b96b44612f..78da291ee3c 100644
--- a/lib/decompress/huf_decompress_amd64.S
+++ b/lib/decompress/huf_decompress_amd64.S
@@ -10,11 +10,32 @@
#include "../common/portability_macros.h"
+#if defined(__ELF__) && defined(__GNUC__)
/* Stack marking
* ref: https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart
*/
-#if defined(__ELF__) && defined(__GNUC__)
.section .note.GNU-stack,"",%progbits
+
+#if defined(__aarch64__)
+/* Mark that this assembly supports BTI & PAC, because it is empty for aarch64.
+ * See: https://github.com/facebook/zstd/issues/3841
+ * See: https://gcc.godbolt.org/z/sqr5T4ffK
+ * See: https://lore.kernel.org/linux-arm-kernel/20200429211641.9279-8-broonie@kernel.org/
+ * See: https://reviews.llvm.org/D62609
+ */
+.pushsection .note.gnu.property, "a"
+.p2align 3
+.long 4 /* size of the name - "GNU\0" */
+.long 0x10 /* size of descriptor */
+.long 0x5 /* NT_GNU_PROPERTY_TYPE_0 */
+.asciz "GNU"
+.long 0xc0000000 /* pr_type - GNU_PROPERTY_AARCH64_FEATURE_1_AND */
+.long 4 /* pr_datasz - 4 bytes */
+.long 3 /* pr_data - GNU_PROPERTY_AARCH64_FEATURE_1_BTI | GNU_PROPERTY_AARCH64_FEATURE_1_PAC */
+.p2align 3 /* pr_padding - bring everything to 8 byte alignment */
+.popsection
+#endif
+
#endif
#if ZSTD_ENABLE_ASM_X86_64_BMI2

38
SOURCES/enable-CET.patch
Unescape View File

@ -0,0 +1,38 @@
From cd7620a730413a48843e175d34dc408c152f8125 Mon Sep 17 00:00:00 2001
From: "H.J. Lu" <hjl.tools@gmail.com>
Date: Tue, 11 Jan 2022 07:28:25 -0800
Subject: [PATCH] x86-64: Enable Intel CET
Intel Control-flow Enforcement Technology (CET):
https://en.wikipedia.org/wiki/Control-flow_integrity#Intel_Control-flow_Enforcement_Technology
requires that on Linux, all linker input files are marked as CET enabled
in .note.gnu.property section. For high-level language source codes,
.note.gnu.property section is added by compiler with the -fcf-protection
option. For assembly sources, include <cet.h> to add .note.gnu.property
section.
---
lib/common/portability_macros.h | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/lib/common/portability_macros.h b/lib/common/portability_macros.h
index 627ef9eed4..6ac4b05510 100644
--- a/lib/common/portability_macros.h
+++ b/lib/common/portability_macros.h
@@ -128,4 +128,15 @@
# define ZSTD_ENABLE_ASM_X86_64_BMI2 0
#endif
+/*
+ * For x86 ELF targets, add .note.gnu.property section for Intel CET in
+ * assembly sources when CET is enabled.
+ */
+#if defined(__ELF__) && (defined(__x86_64__) || defined(__i386__)) \
+ && defined(__has_include)
+# if __has_include(<cet.h>)
+# include <cet.h>
+# endif
+#endif
+
#endif /* ZSTD_PORTABILITY_MACROS_H */

15
SOURCES/pzstd.1.patch
Unescape View File

@ -1,8 +1,8 @@
diff -Naur zstd-1.5.4/programs/zstd.1 zstd-1.5.4.new/programs/zstd.1 diff -Naur zstd-1.5.1.orig/programs/zstd.1 zstd-1.5.1/programs/zstd.1
--- zstd-1.5.4/programs/zstd.1 2023-02-10 00:41:50.000000000 +0000 --- zstd-1.5.1.orig/programs/zstd.1 2021-12-20 22:49:18.000000000 +0000
+++ zstd-1.5.4.new/programs/zstd.1 2023-02-13 12:44:01.575160149 +0000 +++ zstd-1.5.1/programs/zstd.1 2021-12-22 16:49:17.160850340 +0000
@@ -162,6 +162,13 @@ @@ -146,6 +146,14 @@
\fB\-\-show\-default\-cparams\fR: shows the default compression parameters that will be used for a particular input file, based on the provided compression level and the input size\. If the provided file is not a regular file (e\.g\. a pipe), this flag will output the parameters used for inputs of unknown size\. \fB\-\-show\-default\-cparams\fR: Shows the default compression parameters that will be used for a particular src file\. If the provided src file is not a regular file (eg\. named pipe), the cli will just output the default parameters\. That is, the parameters that are used when the src size is unknown\.
.IP "\[ci]" 4 .IP "\[ci]" 4
\fB\-\-\fR: All arguments after \fB\-\-\fR are treated as files \fB\-\-\fR: All arguments after \fB\-\-\fR are treated as files
+ +
@ -11,7 +11,8 @@ diff -Naur zstd-1.5.4/programs/zstd.1 zstd-1.5.4.new/programs/zstd.1
+.TP +.TP
+.BR \-p ", " --processes +.BR \-p ", " --processes
+ number of threads to use for (de)compression (default:4) + number of threads to use for (de)compression (default:4)
+
+ +
.IP "" 0 .IP "" 0
.SS "gzip Operation Modifiers" .SS "Restricted usage of Environment Variables"
When invoked via a \fBgzip\fR symlink, \fBzstd\fR will support further options that intend to mimic the \fBgzip\fR behavior: Using environment variables to set parameters has security implications\. Therefore, this avenue is intentionally restricted\. Only \fBZSTD_CLEVEL\fR and \fBZSTD_NBTHREADS\fR are currently supported\. They set the compression level and number of threads to use during compression, respectively\.

147
SPECS/zstd.spec
Unescape View File

@ -1,6 +1,3 @@
# enable asm implementations by default
%bcond_without asm
# enable .lz4 support by default # enable .lz4 support by default
%bcond_without lz4 %bcond_without lz4
@ -10,26 +7,48 @@
# enable .gz support by default # enable .gz support by default
%bcond_without zlib %bcond_without zlib
# enable pzstd support by default %if 0%{?rhel} && 0%{?rhel} <= 6
# gcc-4.4 is currently too old to compile pzstd
%bcond_with pzstd
%else
%ifarch %{ix86} x86_64
%bcond_without pzstd %bcond_without pzstd
%else
# aarch64 and armv7hl at least currently segfault
# in ThreadPool test for the pzstd util
%bcond_with pzstd
%endif
%endif
%ifarch x86_64
%bcond_without asm
%else
# Disable asm to ensure non excutable stack
# used on archs where asm not actually used
# https://github.com/facebook/zstd/issues/2963
%bcond_with asm
%endif
# Disable gtest on RHEL # Disable gtest
%bcond gtest %[ !0%{?rhel} ] %bcond_with gtest
Name: zstd Name: zstd
Version: 1.5.5 Version: 1.5.1
Release: 9%{?dist} Release: 2%{?dist}
Summary: Zstd compression library Summary: Zstd compression library
License: BSD-3-Clause AND GPL-2.0-only License: BSD and GPLv2
URL: https://github.com/facebook/zstd URL: https://github.com/facebook/zstd
Source0: https://github.com/facebook/zstd/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz Source0: https://github.com/facebook/zstd/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
Patch1: pzstd.1.patch Patch1: pzstd.1.patch
Patch2: bti.patch Patch2: enable-CET.patch
BuildRequires: make BuildRequires: make
BuildRequires: gcc %{?with_gtest:gtest-devel} BuildRequires: gcc
%if %{with gtest}
BuildRequires: gtest-devel
%endif
%if %{with lz4} %if %{with lz4}
BuildRequires: lz4-devel BuildRequires: lz4-devel
%endif %endif
@ -74,7 +93,6 @@ find -name .gitignore -delete
%if %{with pzstd} %if %{with pzstd}
%patch1 -p1 %patch1 -p1
%endif %endif
%patch2 -p1 %patch2 -p1
%build %build
@ -95,10 +113,12 @@ execstack lib/libzstd.so.1
export CFLAGS="$RPM_OPT_FLAGS" export CFLAGS="$RPM_OPT_FLAGS"
export LDFLAGS="$RPM_LD_FLAGS" export LDFLAGS="$RPM_LD_FLAGS"
make -C tests test-zstd make -C tests test-zstd
%if %{with pzstd} && %{with gtest} %if %{with pzstd}
%if %{with gtest}
export CXXFLAGS="$RPM_OPT_FLAGS" export CXXFLAGS="$RPM_OPT_FLAGS"
make -C contrib/pzstd test make -C contrib/pzstd test
%endif %endif
%endif
%install %install
%make_install PREFIX=%{_prefix} LIBDIR=%{_libdir} %make_install PREFIX=%{_prefix} LIBDIR=%{_libdir}
@ -143,81 +163,32 @@ install -D -m644 programs/%{name}.1 %{buildroot}%{_mandir}/man1/p%{name}.1
%ldconfig_scriptlets -n lib%{name} %ldconfig_scriptlets -n lib%{name}
%changelog %changelog
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1.5.5-9 * Mon Feb 07 2022 Jakub Martisko <jamartis@redhat.com> - 1.5.1-2
- Bump release for October 2024 mass rebuild: - Add some basic gating tests
Resolves: RHEL-64018 Resolves: rhbz#2050272
* Fri Oct 25 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 1.5.5-8 * Wed Jan 12 2022 Michel Alexandre Salim <salimma@centosproject.org> - 1.5.1-1
- Rebuilt for MSVSphere 10 - Rebase to the latest upstream version
- Enable optional gz, xz/lzma, and lz4 support in the zstd tool
* Tue Jul 23 2024 Jakub Martisko <jamartis@redhat.com> - 1.5.5-8 - Disable amd64 assembly on non-x86_64 architectures (rhbz#2035802)
- Backport the patch that enables BTI on aarch64 this should avoid the issue where an executable stack is created
Related: RHEL-50092 - Re-enable CET protections (rhbz#2039353)
Resolves: rhbz#2039488
* Mon Jul 22 2024 Jakub Martisko <jamartis@redhat.com> - 1.5.5-7
- Add the gating test from rhel-9 * Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.5.0-2
Related: RHEL-50092 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1.5.5-6
- Bump release for June 2024 mass rebuild * Mon Jul 12 2021 Jakub Martisko <jamartis@redhat.com> - 1.5.0-1
* Rebase to the latest upstream version
* Sat Jan 27 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.5-5 Resolves: rhbz#1928094
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Thu Jul 01 2021 Jakub Martisko <jamartis@redhat.com> - 1.4.9-3
* Sat Jul 22 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.5-4 - Drop gtest-devel dependency
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild Resolves: rhbz#1977606
* Thu Jun 22 2023 Jiří Kučera <jkucera@redhat.com> - 1.5.5-3 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.4.9-2
- Drop gtest on RHEL (c9s backport) - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Thu Apr 13 2023 Lukáš Zaoral <lzaoral@redhat.com> - 1.5.5-2
- migrate to SPDX license format
* Wed Apr 05 2023 Pádraig Brady <P@draigBrady.com> - 1.5.5-1
- Latest upstream
* Mon Feb 13 2023 Pádraig Brady <P@draigBrady.com> - 1.5.4-1
- Latest upstream
* Sat Jan 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Sat Jul 23 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu May 19 2022 Peter Robinson <pbrobinson@fedoraproject.org> - 1.5.2-2
- ThreadPool segfault fixed so build pzst everywhere
* Sat Jan 22 2022 Pádraig Brady <P@draigBrady.com> - 1.5.2-1
- Latest upstream
* Sat Jan 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.1-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Jan 11 2022 Pádraig Brady <P@draigBrady.com> - 1.5.1-6
- Re-enable CET protections (#2039353)
* Fri Jan 07 2022 Michel Alexandre Salim <salimma@fedoraproject.org> - 1.5.1-5
- Enable gz, .xz/.lzma and .lz4 support
* Mon Jan 03 2022 Pádraig Brady <P@draigBrady.com> - 1.5.1-4
- Use correct prefix for pkgconfig.
* Wed Dec 29 2021 Pádraig Brady <P@draigBrady.com> - 1.5.1-3
- Avoid executable stack on i686 also.
* Tue Dec 28 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.5.1-2
- Disable amd64 assembly on non-intel architectures (#2035802):
this should avoid the issue where an executable stack is created.
* Wed Dec 22 2021 Pádraig Brady <P@draigBrady.com> - 1.5.1-1
- Latest upstream
* Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Sun May 16 2021 Pádraig Brady <P@draigBrady.com> - 1.5.0-2
- Latest upstream
* Fri Mar 05 2021 Pádraig Brady <P@draigBrady.com> - 1.4.9-1 * Fri Mar 05 2021 Pádraig Brady <P@draigBrady.com> - 1.4.9-1
- Latest upstream - Latest upstream

Write Preview
Loading…
Cancel
Save